Thank you Victor! In the cryptool I'm only able to introduce the 8 bytes key and not the IV. The documentation from CrypTool says" CBC mode is used with zero initialization vector and X.923 padding."
user@debian:~$ openssl enc -des-cbc -K 0101010101010101 -iv 0000000000000000 -nosalt -in topsecret.txt | xxd 8a08 216b 7f88 7ec4 In the tool (GUI) using DES CBC mode with the same key '0101010101010101' the output is '255B DF6C 2E64 E96A' but I didnt figure out what they mean by "zero initialization vector and X.923 padding". btw: the tool is quite amazing for learning crypto stuff https://www.cryptool.org/images/ct1/presentations/CrypToolPresentation-en.pdf Best, Luis On Tue, Oct 29, 2013 at 12:40 AM, Viktor Dukhovni < openssl-us...@dukhovni.org> wrote: > On Mon, Oct 28, 2013 at 11:48:22PM +0100, Luis Rocha wrote: > > > + Filename topsecret.txt which only contains the character 'a' > > + Encrypt it with DES using CBC mode with key and iv = 0 produces the > > result '32ea a0fa 4f77 fb92' > > > > user@debian:~$ openssl enc -des-cbc -K 0 -iv 0 -nosalt -in topsecret.txt > > 0000000: 32ea a0fa 4f77 fb92 2...Ow.. > > Note, "0" is not a valid DES key, nor a valid DES iv. To be a > valid key it needs to be 8 bytes with the right parity bits. So > > I don't believe that you can expect well-defined behaviour with > the specified inputs. > > > If I use the cryptool 1.4.31 to do the same exercise the result is > > '0C29 5D71 8258 D464' > > What does "same" mean? What is the syntax for key/iv in that utility? > > > I also noticed that openssl generates the same output for different modes > > of des e.g. > > > > user@debian:~$ openssl enc -des-ecb -K 0 -iv 0 -nosalt -in > topsecret.txt | > > xxd > > For a single block with a zero IV, the output of ECB and CBC is > naturally the same. If you use a non-zero IV, you'll observe that > CBC and ECB produce different results. > > > While if I do the same in Cryptool the output for the ECB mode is: > > > > '841B D8A4 2931 FCF5' > > Which shows that this tool is not in fact using a zero IV, likely > because your input is invalid. > > -- > Viktor. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
